//Local register
//Input: registerDTO
//Output: clientId
public static string registerClientLocal(registerDTO body)
{
SwapDbConnection db = new SwapDbConnection();
client client = db.clients.FirstOrDefault(c => c.email == body.email && (c.platform == "local"));
string id = "";
if (client == null)
{
id = IdService.generateID("client");
HashSalt hs = HashSalt.GenerateSaltedHash(body.password);
client new_client = new client()
{
client_id = id,
email = body.email,
birthday_date = body.birthday,
creation_date = DateTime.Now,
first_name = body.first_name,
last_login = DateTime.Now,
last_name = body.last_name,
phone = body.phone,
sex = body.sex,
password = hs.Hash,
salt = hs.Salt,
platform = "local"
};
db.clients.Add(new_client);
db.SaveChanges();
}
return(id);
}
//Authentication
//Input: loginDTO
//Output: client
public static client checkUserLogin(loginDTO body)
{
SwapDbConnection db = new SwapDbConnection();
client user = db.clients.FirstOrDefault(x => x.email == body.email && x.platform == "local");
if (user == null || !HashSalt.VerifyPassword(body.password, user.password, user.salt))
{
return(null);
}
user.last_login = DateTime.Now;
db.SaveChanges();
return(user);
}
//Generate SaltedHash
//Input: password
//Output: HashSalt object
public static HashSalt GenerateSaltedHash(string password)
{
var saltBytes = new byte[16];
var provider = new RNGCryptoServiceProvider();
provider.GetNonZeroBytes(saltBytes);
var salt = Convert.ToBase64String(saltBytes);
var rfc2898DeriveBytes = new Rfc2898DeriveBytes(password, saltBytes, 10000);
var hashPassword = Convert.ToBase64String(rfc2898DeriveBytes.GetBytes(64));
HashSalt hashSalt = new HashSalt {
Hash = hashPassword, Salt = salt
};
return(hashSalt);
}
//Generate new password
//Input: id, password
//Output: string result
public static string NewPassword(string id, string password)
{
SwapDbConnection db = new SwapDbConnection();
client client = db.clients.FirstOrDefault(c => c.client_id == id);
HashSalt hashSalt;
if (client == null || client.platform != "local")
{
return("false");
}
if (HashSalt.VerifyPassword(password, client.password, client.salt))
{
return("same");
}
hashSalt = HashSalt.GenerateSaltedHash(password);
client.password = hashSalt.Hash;
client.salt = hashSalt.Salt;
db.SaveChanges();
return("ok");
}
//Change user password
//Input: clientId,password
//Output: boolean result if the operation is successful
public static bool ChangePassword(string clientId, string password)
{
SwapDbConnection db = new SwapDbConnection();
HashSalt newPasswordSalt;
client user = db.clients.FirstOrDefault(c => c.client_id == clientId);
if (user == null)
{
return(false);
}
if (user.platform != "local")
{
return(false);
}
newPasswordSalt = HashSalt.GenerateSaltedHash(password);
user.salt = newPasswordSalt.Salt;
user.password = newPasswordSalt.Hash;
db.SaveChanges();
return(true);
}
